US8745405B2 - Dynamic seed and key generation from biometric indicia - Google Patents


Info

Publication number
US8745405B2
Authority
US
United States
Prior art keywords
biometric template
test data
interval
item
storage device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US13/028,715
Other versions
US20110264919A1 (en)
Inventor
Erix Pizano
Joe Sass
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CIP LLC
Ceelox Patents LLC
Original Assignee
Ceelox Patents LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ceelox Patents LLC
Priority to US13/028,715 (US8745405B2)
Assigned to CEELOX, INC. Assignors: PIZANO, ERIX; SASS, JOE
Publication of US20110264919A1
Priority to US14/290,306 (US9160532B2)
Application granted
Publication of US8745405B2
Assigned to CIP, LLC. Assignors: CEELOX, INC.
Assigned to Ceelox Patents, LLC. Assignors: CIP, LLC
Priority to US14/880,686 (US9755830B2)
Status: Expired - Fee Related
Adjusted expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24 Key scheduling, i.e. generating round keys or sub-keys for block encryption
    • H04L29/06809

Definitions

  • the present invention relates to seed and key generation systems for encryption methods. More particularly, the invention relates to a seed and a key generation system for non-deterministic biometric indicia.
  • the system does not store all necessary information for regenerating an encryption seed or generating an encryption key. Instead, the system destroys the seed and key and requires a live biometric sample to recreate the seed/key.
  • Access to the storage device may be limited to one or more authenticated users.
  • To authenticate a user, the user must initially enroll a biometric identifier specific to the user. This biometric identifier serves as an authentication password to verify the user's identity.
  • the user provides the same biometric identifier, referred to as a live biometric identifier. The enrolled and live biometric identifiers are compared, and if the authentication system determines that the biometric identifiers likely belong to the same user, the system unlocks or otherwise retrieves a key for accessing the storage device.
  • the key is encrypted prior to being stored on the storage device or otherwise made accessible by the storage device. Encryption of the key does provide some security, as a hacker (who does not have access to the live biometric identifier for the specific user) must decrypt the key prior to accessing the device. However, decryption of the key is often elementary to skilled hackers.
  • Another layer of security is often added to the storage device by requiring that the key be regenerated each time access to the device is requested.
  • a seed must be stored (either in encrypted or even hashed form or unencrypted or unhashed form). Similar to the encrypted key, a stored encrypted seed is still vulnerable to hackers.
  • In view of the concerns with storing the seed/key on the storage device or otherwise making it accessible by the device, authentication systems have been developed that do not store the seed and/or key on the storage device itself. Instead, the seed and/or key is communicated or otherwise transferred to an authentication server, at which it is stored. When the user desires to access the storage device, the authentication system verifies the user's identity and transfers the seed and/or key to the device for accessing the device. This authentication method is still vulnerable to security risks, as transferring the seed and/or key increases the potential for hacking and compromises the overall security of the encryption system.
  • the above security disadvantages are germane to many common encryption methods, including symmetric encryption and asymmetric encryption, and authentication systems, such as a one-time password authentication system. Specifically, supply of a password in a HOTP algorithm is particularly subject to security risks.
  • the HOTP algorithm is an HMAC based one-time password authentication system.
  • OTP algorithms provide a single-use (i.e., one-time) password based on a known time, a known last password entered, and a key (or a seed for generating a key) stored by or at an authentication server.
  • a client which could be a storage device or software on the user side, and the authentication server run the HOTP algorithm in parallel.
  • the authentication server running the HOTP algorithm typically uses an input key, a timer (or counter), and a known previous password to determine the next password in the algorithm's sequence.
  • the storage device or software on the user will output a password.
  • the outputted password at the user side is compared to the password, at the authentication side, determined by the HOTP algorithm to be the next password in the sequence. The comparison is performed by the authentication server. If the passwords match, the user is granted access to the storage device. The outputted password at the user side is different each time and only viable for a short time, thus making it a one-time password.
  • Accordingly, there is a need for an encryption system that does not store or otherwise provide access to all of the information necessary for obtaining access to a storage device. More particularly, there is a need for an encryption system that requires a live biometric identifier be provided at the time of access to the device for purposes of generating the seed and/or key, as opposed to merely authenticating an identity of the user.
  • Embodiments of the present invention solve the above-mentioned problems and provide a distinct advance in the art of seed and key generation systems. More particularly, embodiments of the invention provide a system, a computer program, and methods for seed and key generation from a non-deterministic live biometric identifier. The system of the present invention performs the methods implemented via the computer program.
  • the system broadly comprises a storage device for interfacing with a computer; and a computer-readable storage medium integrated in or accessible by the storage device, the computer-readable medium having a plurality of modules comprising a plurality of code segments stored thereon, including an initialization module comprising an enrollment module for enrolling a biometric template and a seed generation module for initially generating a seed, a live capture module for capturing a live biometric template upon a user desiring to access the storage device, a seed regeneration module for regenerating the seed upon the user desiring to access the storage device, and a key generation module for generating a key from the seed.
  • the enrollment module first receives information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device.
  • the biometric template is then an enrolled biometric template that is used for comparison to any future, live capture biometric templates.
  • the present invention assigns an optimization value to the enrolled biometric template. This optimization value is indicative of at least one representative feature of the enrolled biometric template.
  • the seed is initially generated as part of the initialization stage.
  • An item of test data is encrypted using the optimization value associated with the enrolled biometric template.
  • the seed, i.e., the optimization value.
  • the seed is then destroyed, leaving only the encrypted item of test data, the unencrypted item of test data, and the enrolled biometric template stored on the storage device or otherwise made accessible by the device.
  • the initialization stage is then complete, and the user may access the storage device at a future time by providing a live biometric template.
  • the live biometric template is required for generating the seed previously destroyed during the initialization stage.
  • the seed is regenerated by first comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user.
  • the interval has a plurality of values, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template.
  • the present invention then iteratively tests the values within the interval by using each value to decrypt the stored, encrypted item of test data. If the encrypted item of test data can be decrypted with the tested value, then the tested value is the seed associated with the optimization value and used to encrypt the item of test data, such that the seed is regenerated.
  • embodiments of the present invention generate the key using reflective code.
  • the present invention employs a first code segment that at runtime observes and modifies a structure and a behavior of itself to generate a second code segment.
  • the second code segment then uses the seed to generate the key.
  • the key is operable to encrypt or decrypt one or more files stored on the storage device or to provide access to the storage device.
  • FIG. 1 is a schematic block diagram of a seed and key generation system constructed in accordance with various embodiments of the current invention
  • FIG. 2 is a block diagram of various modules comprising a plurality of code segments stored on a computer-readable medium of the present invention
  • FIG. 3 is a block diagram of at least some steps of a method for seed and key generation.
  • FIG. 4 is a flow chart of at least some steps of a method for seed and key generation.
  • references to “one embodiment,” “an embodiment,” or “embodiments” mean that the feature or features being referred to are included in at least one embodiment of the technology.
  • references to “one embodiment,” “an embodiment,” or “embodiments” in this description do not necessarily refer to the same embodiment and are also not mutually exclusive unless so stated and/or except as will be readily apparent to those skilled in the art from the description.
  • a feature, structure, act, etc. described in one embodiment may also be included in other embodiments, but is not necessarily included.
  • the present technology can include a variety of combinations and/or integrations of the embodiments described herein.
  • A dynamic seed and key generation system 10 constructed in accordance with various embodiments of the present invention is shown in FIG. 1 .
  • the system 10 employs a storage device 12 , such as a flash drive or mobile wireless device, for interfacing with a computing device 14 (also referred to herein as a “computer”).
  • the storage device 12 includes an integrated computer-readable storage medium 16 or is otherwise operable to access a computer-readable storage medium 16 .
  • the storage medium 16 has a plurality of modules comprising a plurality of code segments stored on the computer-readable medium for implementing a computer program and a method of embodiments of the present invention.
  • the various components or steps of the computer program and method are referred to herein as modules.
  • the seed and key generation system 10 can be used for allowing a user access to a secure repository stored on the storage device 12 .
  • the secure repository may be a database, a hard drive, a file, a folder, or any digital location to which access is limited based on the identity of the user.
  • the system 10 can be used for encrypting/decrypting files or folders stored on the storage device 12 .
  • the system 10 can be used with both symmetric and asymmetric encryption methods and with various authentication systems, including a one-time password (OTP) algorithm, such as a HOTP algorithm.
  • OTP: one-time password
  • the seed and key generation system 10 broadly comprises the storage device 12 ; an initialization module 100 for initializing the storage device 12 for accessibility to the secure repository or for encryption/decryption purposes in the future, the initialization module 100 including an enrollment sub-module 102 for enrolling a biometric template, for determining an optimization parameter associated with the enrolled biometric template, and for storing the enrolled biometric template on, or otherwise making accessible to, the storage device, and a seed generation sub-module 104 for generating a seed using the optimization parameter associated with the enrolled biometric template, encrypting an item of test data with the seed, and subsequently destroying the seed; a live capture module 110 for capturing a live biometric template for use in regenerating the seed; a seed regeneration module 120 for regenerating the destroyed seed based on statistical matching of the enrolled and live biometric templates; and a key generation module 130 for generating a key from the regenerated seed.
  • the dynamic seed and key generation system 10 may be implemented in hardware, software, firmware, or a combination thereof.
  • the components of the seed and key generation system 10 may be implemented as software programs or processor-executable code segments that may be stored on the computer-readable storage medium 16 .
  • a “computer-readable medium” or a “computer-readable storage medium” can be any device that can contain or store the computer program for use by or in connection with the instruction execution system, apparatus, or device.
  • the computer-readable medium can be, for example, but not limited to, an electronic, magnetic, optical, electro-magnetic, biochemical, or semi-conductor system, apparatus, or device.
  • examples of the computer-readable medium include the following: a portable computer diskette, a hard drive, a random access memory (RAM), a read-only memory (ROM), an erasable, programmable, read-only memory (EPROM or Flash memory), a portable compact disk read-only memory (CDROM), a digital video disc (DVD), a Blu-Ray™ disc, and the like.
  • the computer-readable medium 16 is integrated with, or accessible by, the storage device 12 , which may be portable, such as a flash drive or thumb drive, and that is interfaced with the computing device 14 . In other embodiments, the computer-readable medium 16 may be integrated with or accessible by the computing device 14 .
  • An exemplary computing device 14 generally comprises any device that is capable of running an operating system and executing software applications, such as a workstation, a desktop computer, a laptop computer, a notebook computer, a palmtop computer, a tablet computer, such as an IPAD®, a mobile wireless communications device, a point of sale terminal, a credit card scanner, and the like.
  • the computing device includes data processing circuitry coupled with memory components to execute computer code or software, such as processors, microprocessors, multi-core microprocessors, microcontrollers, combinations thereof, and the like.
  • the various modules and sub-modules described herein represent steps implemented by the method.
  • the steps of the method are preferably implemented via the computer program or software comprising a plurality of code segments stored on the computer-readable medium 15 and executable by the computing device 14 .
  • reference to the modules should be understood to encompass both the method and the computer program of the present invention.
  • the initialization of the storage device includes enrolling an enrolled biometric template via the enrollment module and creating or generating a seed via the seed generation module. Initialization is required so that the storage device is associated with a specific user, such that only the specific user can access a secure repository on the storage device, encrypt/decrypt files or folders saved on the storage device, or obtain a password via an OTP algorithm, such as a HOTP algorithm. In most circumstances, the initialization of the storage device will only be required once. However, should the user wish to erase the storage device, enroll a different biometric identifier, or enroll a different or additional user, the initialization will need to be performed again.
  • the initialization module 100 comprises an enrollment sub-module 102 (or simply, an enrollment module) and a seed generation sub-module 104 (or simply, a seed generation module).
  • the enrollment module 102 is operable to enroll a biometric template, determine the optimization parameter associated with the enrolled biometric template, and store the enrolled biometric template on, or otherwise make accessible by, the storage device.
  • the seed and key generation system employs biometric indicia to generate the seed/key, allow access to files or information, encrypt/decrypt files or information, or provide one-time passwords when used with an OTP algorithm (collectively or individually broadly referred to herein as “allowing access to the storage device”).
  • the enrolled biometric template is permanently stored on or otherwise made accessible to the storage device, as illustrated in FIGS. 1 and 3 .
  • the live biometric template which is discussed below, is provided for seed and key generation at the time the user wishes to access the storage device, but the live biometric template is not permanently stored on the storage device and is deleted once access is granted.
  • the modules, the enrolled biometric template, and other information discussed herein as stored on the storage device or otherwise made accessible by the storage device may be stored at a third-party storage device 18 , such as an authentication server 18 , the computing device 14 , or the like.
  • the storage device 12 may communicate with the computing device 14 and/or the third-party storage device 18 via known communication networks 20 and techniques, including device-to-device networking, cloud networking, an Ethernet network, an 802.11 wireless network, a Bluetooth network, a computer bus, or any other device, apparatus, system, or combination thereof capable of enabling communication, individually or collectively, among the storage device, the computing device, and the third-party storage device.
  • the biometric indicia for a particular biometric identifier is obtained through a biometric sensor 22 , which may be coupled with, integrated in, or accessible by the storage device 12 and/or the computing device 14 .
  • the storage device could be a mobile wireless communications device, and the biometric sensor could be integrated with the communications device.
  • the storage device could be a flash or thumb drive including an integrated biometric sensor.
  • An even further alternative could be a biometric sensor coupled to the storage device and/or computing device.
  • the biometric sensor could be a fingerprint scanner or other suitable biometric sensor for receiving the biometric identifier, identifying and capturing unique biometric indicia associated with the biometric identifier, and creating the biometric template. It should be understood that the biometric sensor could be any device to extract biometric indicia sufficient for creating a biometric template or that otherwise creates unique indicia. For example, a lightwave spectrum sensor captures biometric characteristics not visible to the human eye.
  • biometric indicia including fingerprints, palm prints, the orientation and arrangement of features on a face, iris scans, and DNA.
  • biometric indicia will be described with respect to a fingerprint.
  • To enroll a biometric identifier specific to the user, a user of the invention initially provides at least one and often several samples of the same biometric identifier (i.e., the same finger for obtaining a fingerprint scan), as referenced at Step 200 of FIG. 4 .
  • Biometric indicia specific to the biometric identifier is then extracted via known biometric techniques, as referenced at Step 202 .
  • biometric indicia associated with the biometric identifier is therefore non-deterministic, in that the collective biometric indicia cannot be accurately identified each time the biometric identifier is scanned or sampled.
  • An exemplary, although non-limiting, algorithm for fingerprints is a vector-based matching algorithm.
  • the goal of any algorithm for digitally representing a biometric identifier as a biometric template is to identify the representative features that will most likely be extracted from any future scan or sample taken of the particular biometric identifier.
  • a representative feature may be a pattern of ridges or valleys in the fingerprint that will likely be identified in any future fingerprint scans.
  • one or more scans or samples of the biometric identifier may be taken for obtaining the one or more representative features.
  • the present invention identifies an optimization value specific to the enrolled biometric indicia, as referenced at Step 204 .
  • the optimization value is a value, parameter, or other feature that is statistically highly likely to be the same as or close to a value, parameter, or other feature identified in any future live scan or sample of the biometric identifier.
  • the optimization value is unique to the particular biometric identifier.
  • the optimization value is not necessarily the value that is most representative of the biometric identifier. Instead, the optimization value can be a value that is statistically close to a representative value of the biometric identifier.
  • the optimization value may be determined through various known optimization techniques, including, but not limited to, averaging the biometric indicia of each sample or scan of the biometric identifier and creating a correlation and a projection and determining expected asymptotes.
  • the seed is initially generated.
  • the seed can be a key to allow access to the storage device 12 , or the seed can be used to create, derive, or generate a key that in turn allows access to the storage device.
  • the seed is used for both purposes.
  • the seed is first used to encrypt an item of test data, as referenced at Step 206 .
  • the item of test data is preferably a relatively small-sized piece of data, such as less than approximately 1 MB, that is used as a standard or measure by which to determine if a seed regenerated in the future is the same as the seed initially created by the seed generation module 104 .
  • the unencrypted item of test data (i.e., the item of test data in its initial form before encryption with the seed) and the encrypted item of test data are stored on or otherwise made accessible by the storage device, as referenced at Step 208 .
  • the seed is then destroyed, as referenced at Step 210 .
  • the seed is the optimization value associated with the enrolled biometric indicia or is otherwise information indicative of the optimization value.
  • the seed is directly associated with the enrolled biometric indicia, and, in particular, the biometric identifier specific to the user. Encryption of the item of test data is performed using, at least in part, the optimization value or information associated with or indicative of the optimization value.
  • the enrolled biometric template is created, as referenced at Step 212 .
  • the enrolled biometric indicia is hashed or otherwise transformed with the aid of an injective function or via other known techniques.
  • the enrolled biometric template is the digital representation of the biometric identifier (a present size of a common biometric template is approximately 1 MB). Because the biometric indicia is hashed, the optimization value cannot be determined based on knowing the enrolled biometric template alone, as the result of an injective function such as a hashing algorithm is to prevent reverse engineering of the enrolled biometric template.
  • optimization value is determined or assigned prior to creation of the enrolled biometric template (i.e., prior to hashing the biometric indicia to obtain the biometric template)
  • reference herein to the optimization value being associated with the enrolled biometric template shall be understood to encompass the optimization value being associated with biometric indicia for the enrolled biometric identifier.
  • Upon determining an optimization value for the enrolled biometric template and creating the enrolled biometric template, the present invention stores the enrolled biometric template on the storage device or in a location accessible by the storage device, as referenced at Step 214 .
  • the enrolled biometric template may be further encrypted or hashed prior to storage.
  • the three items of information relevant to future seed regeneration and key generation remain stored on the storage device or otherwise accessible to the device, namely the enrolled biometric template, the unencrypted item of test data, and the encrypted item of test data.
  • Not all of the information or data necessary for obtaining access to the storage device is stored on the device or accessible to the device.
  • This contrasts with systems in which the encrypted key is stored on the device, so that all of the information necessary for obtaining access to the storage device is stored on the device.
  • In such systems the user cannot access the storage device without providing a live biometric scan that authenticates the user and allows decryption of the key.
  • Because the encrypted key is still stored on the device, however, the device remains vulnerable to hacking.
  • The same issues remain even if a seed for generating the key, rather than the key itself, is stored on the device (in encrypted or unencrypted form).
  • a result of not storing on the storage device all information necessary for obtaining access to the device is that access to the device cannot be obtained—under any hacking or vulnerability scenarios—without a live biometric identifier being provided at the time of granting access.
  • embodiments of the present invention receive a live biometric template via the live capture module 110 and perform a seed regeneration via the seed regeneration module 120 .
  • the live capture module 110 is performed subsequent to the initialization module 100 and prior to each time the user desires to access the storage device 12 .
  • When desiring to access the storage device, the user will provide the biometric identifier used for the enrollment module 102 described above. A scan or sample of the biometric identifier will be taken via the biometric sensor 22 , the biometric indicia associated with the biometric identifier will be identified, and a biometric template will be created, similar to the enrollment method described above for the enrolled biometric template.
  • the biometric template created each time the user provides the biometric identifier for access to the storage device (but subsequent to the initialization of the storage device) is herein referred to as a live biometric template.
  • the live capture module 110 will then receive information indicative of the live biometric template. As detailed below, the live biometric template is then used to regenerate the seed.
  • the live capture module 110 may only need to be performed upon interfacing the storage device with a particular computing device, upon a period of time expiring, upon opening or selecting the secure repository, upon request or initiation of a particular event, or at any other time or upon any other action specified by the user during the initialization of the storage device.
  • the seed regeneration module 120 is performed. Referring to FIG. 2 and Step 218 of FIG. 4 , the enrolled biometric template is compared with the live biometric template to determine a likelihood that the templates are indicative of the same biometric identifier (i.e., specific to the same user).
  • the seed regeneration module 120 performs a matching algorithm by comparing the biometric indicia for each of the templates and determining a matching value or score that represents the probability that the templates “match” (i.e., the templates are specific to the same user).
  • the matching score will likely not be a 100% probability for non-deterministic biometric identifiers, as the biometric indicia for the live biometric template will most likely be different than the indicia for the enrolled biometric template.
  • the matching score will be sufficiently indicative of the biometric indicia of the enrolled biometric template for purposes of the present invention.
  • embodiments of the present invention determine a statistical interval having a range based on the matching score, namely a probability that the enrolled and live biometric templates are specific to the same user.
  • a plurality of values lie within the interval.
  • a size of the range of the interval from the lowest value to the highest value is dependent on the matching score. The higher the matching score (i.e., the more likely the enrolled and live biometric templates belong to the same user), the smaller the range of the interval. Similarly, the lower the matching score, the larger the range of the interval.
  • the size of the range of the interval is inversely proportional to the magnitude of the matching score.
  • the values that lie within the interval are indicative of the representative features of the live biometric indicia specific to the live biometric identifier. Similar to as discussed above with respect to the enrolled biometric template, the algorithm for creating the live biometric template will identify prominent characteristics or representative features associated with the live biometric identifier. These prominent characteristics will then be represented by the live biometric indicia as values. At least one of these values will lie within the range of the interval in the event the enrolled and live biometric identifiers are the same.
  • the interval determined by the seed regeneration module will encompass the optimization value for the enrolled biometric template—even though the optimization value for the enrolled template is no longer known. This is because the optimization value for the enrolled template is indicative of a prominent characteristic or representative feature of the biometric identifier provided during the enrollment process. Moreover, the values that lie within the interval are indicative of one or more prominent characteristics or representative features of the biometric identifier provided for access to the storage device subsequent to the enrollment process. Although the likelihood of assigning the same value for the same prominent characteristic for both templates is very low, the likelihood of the biometric template algorithm identifying one or more values close to the optimization value and within a range suitable for performing the seed regeneration of the present invention is high.
  • the seed regeneration module of the present invention guarantees that if the enrolled and live biometric templates belong to the same biometric identifier, then the optimization value associated with the enrolled biometric template will lie within the range of the determined interval (assuming that a suitable scan or sample of the live biometric identifier was obtained). Further, because the optimization value is the same as or associated with the destroyed seed, the seed regeneration module determines a statistical interval having a plurality of values, wherein one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template.
  • embodiments of the present invention apply a filter to the interval to reduce any noise in the interval, as referenced at Step 220 of FIG. 4 .
  • the filtered interval has fewer values remaining therein than prior to application of the filter.
  • the filter of embodiments of the present invention discards values known to not be the optimization value based on filtering techniques known in the art, such that subsequent to application of the filter, the value indicative of or the same as the destroyed encryption seed remains in the filtered interval.
  • An exemplary filter is a checksum filter.
  • embodiments of the present invention regenerate or otherwise uncover the seed via an iterative testing process.
  • the seed regeneration module individually tests, according to a scheduled sequence, the values within the interval to determine if one of the particular values is the seed. To test a value, the value is used to decrypt the item of test data previously encrypted with the seed associated with the optimization value for the enrolled biometric template. If decryption is successful, then the seed regeneration module 120 knows that the tested value is the seed previously destroyed during the enrollment process. The tested value is then a regenerated seed.
  • the seed regeneration module iteratively tests the next value in the scheduled sequence to determine if the next value decrypts the encrypted item of test data.
  • the decryption of the encrypted item of test data is evaluated against the stored item of test data (i.e., the item of test data that was not encrypted and was originally stored during the enrollment process) to confirm that the two items of test data are indeed the same item of data.
  • the iterative testing of the values within the range is preferably performed according to the scheduled sequence.
  • the scheduled sequence may be in any preferred order, including forward sequential, reverse sequential, or based on an order dependent on a statistical likelihood that a particular value, or range of values, in the interval is the seed.
  • once a tested value decrypts the encrypted item of test data, the iterative testing is ceased, such that no further value within the interval is tested.
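The interval determination (the bullets on the matching score and the statistical interval above) and the iterative seed test just described, as an added worked example that is not part of the patent or of any Ceelox product. It assumes a constructed item of test data, an HMAC-SHA256 counter-mode stream cipher standing in for whatever cipher an implementation would use, and a linear rule (half-width = max_half_width * (1 - score)) for deriving the interval from the match score; all three are this example's assumptions, not the patent's specification. The `schedule` function implements the forward, reverse and likelihood-ordered sequences the text lists, and `regenerate_seed` reports how many candidates were tried before the stored test data decrypted correctly.

```python
import hashlib
import hmac

# Constructed item of test data; the patent does not specify its contents.
TEST_DATA = b"ceelox-test-item-0001"


def _keystream(seed: int, length: int) -> bytes:
    """Illustrative cipher: HMAC-SHA256 in counter mode keyed by the seed.

    Any symmetric cipher could stand in here; the seed is the encryption key,
    which is what makes the optimization value "the seed" in the patent's sense.
    """
    key = seed.to_bytes(8, "big", signed=True)
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(seed: int, data: bytes) -> bytes:
    """XOR the data with the seed-keyed keystream (decryption is the same operation)."""
    return bytes(a ^ b for a, b in zip(data, _keystream(seed, len(data))))


decrypt = encrypt


def enroll(optimization_value: int, test_data: bytes = TEST_DATA) -> dict:
    """Seed generation step: encrypt the test data with the optimization value as
    the seed, then keep only plaintext and ciphertext. The seed is not stored."""
    seed = optimization_value
    record = {"test_data": test_data, "encrypted_test_data": encrypt(seed, test_data)}
    del seed  # the seed is destroyed; nothing in `record` states it directly
    return record


def interval(live_value: int, match_score: float, max_half_width: int) -> range:
    """Statistical interval around the live template's feature value.

    The half-width shrinks as the match score rises (score 1.0 leaves only the
    live value) and grows as it falls, mirroring the inverse relation described.
    """
    if not 0.0 <= match_score <= 1.0:
        raise ValueError("match score must be a probability in [0, 1]")
    half = int(round(max_half_width * (1.0 - match_score)))
    return range(live_value - half, live_value + half + 1)


def schedule(values: range, order: str = "forward") -> list:
    """Scheduled sequence in which candidate values are tested."""
    if order == "forward":
        return list(values)
    if order == "reverse":
        return list(reversed(values))
    if order == "center-out":
        # Most likely candidates first: closest to the live value, ties by value.
        center = (values.start + values.stop - 1) // 2
        return sorted(values, key=lambda v: (abs(v - center), v))
    raise ValueError(f"unknown schedule: {order}")


def regenerate_seed(record: dict, candidates: list) -> tuple:
    """Iteratively test candidates; return (seed, trials) or (None, trials).

    A candidate is the seed when decrypting the stored ciphertext with it yields
    the stored plaintext item of test data. Testing stops at the first success.
    """
    for trials, candidate in enumerate(candidates, start=1):
        plain = decrypt(candidate, record["encrypted_test_data"])
        if hmac.compare_digest(plain, record["test_data"]):
            return candidate, trials
    return None, len(candidates)
```

Running `regenerate_seed(enroll(4210), schedule(interval(4203, 0.9, 100)))` recovers 4210 after 18 forward trials, while a score of 0.99 narrows the interval to 4202..4204 and the search returns `None`; a live feature value that lands outside the interval is the failure mode behind the text's "suitable scan" caveat. The trial count is also the work factor of the search, since the stored plaintext/ciphertext pair is what decides whether a candidate is the seed, so the range of values an optimization value can take is a design parameter that bounds both the legitimate search and any offline search over that stored pair.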
  • the regenerated seed could be used as a key to allow access to the storage device.
  • embodiments of the present invention provide the key generation module 130 for generating the key using the seed, as referenced at Step 224 , which provides an additional layer of security in obtaining access to the storage device.
  • although the key may be generated via known techniques and methods, embodiments of the present invention preferably employ reflective code to generate the key.
  • Reflective code is a system or method of coding wherein a code segment observes and modifies a structure and a behavior of the code segment at runtime, and based on the structure and behavior, generates a second code segment.
  • reflective code is computer source code that can access metadata about the environment, classes, methods, and data at runtime.
  • reflective code can dynamically instantiate objects that are otherwise unknown at coding or compile-time, execute functions or methods, and destroy objects.
  • code written in Java may use classes and methods in the java.lang.reflect package to provide reflection.
  • Ruby code may use methods from the Object class, such as const_get() and send(), for reflection.
  • reflective code algorithms may use several different algorithms based on characteristics of the seed.
  • a different algorithm may be selected at runtime based on a modulo of the seed, a sum of the digits of the seed, or various other characteristics of the seed.
  • Other key generation algorithms may utilize fuzzy logic, Kohonen maps, neural networks, heuristic functions, or other techniques to generate the key.
  • Embodiments of the present invention employ a first code segment that is reflective code and thus observes and modifies its structure and behavior at runtime.
  • the first code segment generates a second code segment based on the observations and modifications of its structure and behavior at runtime.
  • the results of these observations and modifications of the first code segment at runtime are thus generated as data or instructions, i.e., a second code segment.
  • the second code segment is then used to generate the key for allowing access to the storage device.
  • the second code segment uses the regenerated seed to generate the key.
  • Reflective code does not require obfuscation of the key generation algorithm because the key generation algorithm is not otherwise generated or known until runtime. Because the seed is necessary to know the key generation algorithm, and further because the seed and the second code segment for ultimately generating the key are never stored on the storage device, use of reflective code provides a secure key generation technique. Thus, use of reflective code to generate the key allows for the code necessary for generating the key not being stored on the storage device. Instead, the first code segment that generates the second code segment at runtime, based on the first code segment's structure and behavior, is the only code stored on or otherwise made accessible by the storage device. Moreover, in embodiments of the present invention, the key cannot be generated without the second code segment first receiving the seed.
  • Alternative embodiments of the present invention may include multiple layers of reflective code segments that iteratively generate an additional or next code segment in the runtime sequence.
  • the first code segment could generate the second code segment, which in turn could generate a third code segment that is used to generate the key, or the third code segment could generate a fourth code segment that is used to generate the key.
  • use of reflective code for generating the key embodies at least one code segment being a reflective code segment.
  • once the key is generated, it is used to allow access to the storage device. Neither the seed nor the key must be saved on, or otherwise made accessible by, the storage device to obtain access. Instead, the user need only provide a live biometric identifier to begin the seed regeneration and key generation processes.
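A compact illustration, added here and not taken from the patent, of the reflective key generation the bullets above describe: a first code segment that inspects its own methods at runtime, selects a composition of them from a modulo and the digit sum of the seed, records that choice on itself, and hands back a second code segment (a closure) which is the only thing that turns the seed into the key. Python's `inspect` and `getattr` play the role the text assigns to `java.lang.reflect` or Ruby's `send`. The stage functions, the selection rules and the 32-byte key length are assumptions of this example.

```python
import hashlib
import inspect


class FirstSegment:
    """Reflective first code segment.

    At runtime it enumerates its own `_stage_*` methods, records the choice it
    makes on itself (modifying its structure), and returns a second code segment
    (a closure) whose composition of stages depends on characteristics of the seed.
    """

    def _stage_sha256(self, data: bytes) -> bytes:
        return hashlib.sha256(data).digest()

    def _stage_sha512(self, data: bytes) -> bytes:
        return hashlib.sha512(data).digest()

    def _stage_blake2b(self, data: bytes) -> bytes:
        return hashlib.blake2b(data, digest_size=32).digest()

    def _stage_fold(self, data: bytes) -> bytes:
        # XOR the two halves of the input together.
        if len(data) < 2:
            return data
        half = len(data) // 2
        return bytes(a ^ b for a, b in zip(data[:half], data[half:2 * half]))

    def observe_stages(self) -> list:
        """Observe own structure: names of all stage methods, found via reflection."""
        return sorted(name for name, _ in inspect.getmembers(self, inspect.ismethod)
                      if name.startswith("_stage_"))

    def generate_second_segment(self, seed: int):
        names = self.observe_stages()
        digit_sum = sum(int(d) for d in str(abs(seed)))
        rounds = 2 + digit_sum % 3          # 2..4 stages, chosen by the digit sum
        start = seed % len(names)           # first stage, chosen by a modulo of the seed
        chosen = [names[(start + i) % len(names)] for i in range(rounds)]
        # Modify own structure at runtime: record the plan as a new attribute.
        setattr(self, "selected_stages", chosen)
        stages = [getattr(self, n) for n in chosen]   # resolve methods reflectively

        def second_segment(seed_value: int) -> bytes:
            """Second code segment: exists only after a seed was supplied."""
            state = seed_value.to_bytes(8, "big", signed=True)
            for stage in stages:
                state = stage(state)
            return hashlib.sha256(state).digest()     # 32-byte key

        second_segment.selected_stages = list(chosen)
        return second_segment


def generate_key(seed: int) -> bytes:
    """Key generation module: build the second segment from the seed, then run it."""
    return FirstSegment().generate_second_segment(seed)(seed)


def selected_stages(seed: int) -> list:
    """Which stages the first segment composed for a given seed (for inspection)."""
    return FirstSegment().generate_second_segment(seed).selected_stages
```

Two things are worth observing. The second segment exists only in memory after a seed is supplied, which is the property the text relies on; and the stage list selected for a given seed is fully determined by the first segment's source, so the scheme's secrecy still rests on the seed rather than on the code being unknown.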
  • Embodiments of the present invention are well-suited for various authentication methods, including a HOTP authentication system.
  • the key may be regenerated and provided to a HOTP access module 140 , as illustrated in FIG. 3 .
  • the key is fed to the HOTP algorithm to provide the password for entry by the user.
  • the user must enter a one-time password to gain access to the storage device.
  • the key is also stored at an authentication server. Based on the last password entered (Password N ) and the time elapsed since the last password was entered, the authentication server knows the one-time password (Password N+1 ) that should be entered by the user.
  • the seed is retrieved from the live biometric template and the key is generated, according to the above-described process.
  • This key is then fed to the HOTP algorithm to obtain the one-time password to be provided by the user.
  • the authentication server authenticates the one-time password provided by the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Collating Specific Patterns (AREA)
  • Storage Device Security (AREA)

Abstract

A system, a method, and a computer program for generating a seed and/or a key from live biometric indicia, such that all the information necessary for generating the seed and/or the key is not stored on a storage medium. The method comprises receiving a biometric template from a user and enrolling the template; assigning an optimization value to the enrolled biometric template; encrypting an item of test data using the optimization value, such that the optimization value is an encryption seed; storing the encrypted item of test data on the storage medium; destroying the encryption seed after encrypting the item of test data; receiving a live biometric template; comparing the templates and determining an interval based on a probability that the templates are specific to the same user; iteratively testing values within the interval to identify the value in the interval for decrypting the encrypted item of test data, wherein the value used to decrypt the item of test data is the encryption seed; and generating the key using the seed.

Description

RELATED APPLICATION
The present non-provisional application claims priority benefit, with regard to all common subject matter, to U.S. Provisional Patent Application No. 61/305,435, entitled “DYNAMIC SEED AND KEY GENERATION FROM BIOMETRIC INDICIA,” filed Feb. 17, 2010, which is hereby incorporated by reference in its entirety into the present application.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to seed and key generation systems for encryption methods. More particularly, the invention relates to a seed and a key generation system for non-deterministic biometric indicia. The system does not store all necessary information for regenerating an encryption seed or generating an encryption key. Instead, the system destroys the seed and key and requires a live biometric sample to recreate the seed/key.
2. Description of the Related Art
Limiting access to a storage medium or device or a secure repository stored on a device is often desirable. Access to the storage device may be limited to one or more authenticated users. To authenticate a user, the user must initially enroll a biometric identifier specific to the user. This biometric identifier serves as an authentication password to verify the user's identity. When future access to the storage device is desired, the user provides the same biometric identifier, referred to as a live biometric identifier. The enrolled and live biometric identifiers are compared, and if the authentication system determines that the biometric identifiers likely belong to the same user, the system unlocks or otherwise retrieves a key for accessing the storage device.
In many authentication systems, the key is encrypted prior to being stored on the storage device or otherwise made accessible by the storage device. Encryption of the key does provide some security, as a hacker (who does not have access to the live biometric identifier for the specific user) must decrypt the key prior to accessing the device. However, decryption of the key is often elementary to skilled hackers.
Another layer of security is often added to the storage device by requiring that the key be regenerated each time access to the device is requested. However, to regenerate the key, a seed must be stored (either in encrypted or hashed form, or in unencrypted, unhashed form). Similar to the encrypted key, a stored encrypted seed is still vulnerable to hackers.
In view of the concerns with storing the seed/key on the storage device or otherwise making it accessible by the device, authentication systems have been developed that do not store the seed and/or key on the storage device itself. Instead, the seed and/or key is communicated or otherwise transferred to an authentication server, at which it is stored. When the user desires to access the storage device, the authentication system verifies the user's identity and transfers the seed and/or key to the device for accessing the device. This authentication method is still vulnerable to security risks, as transferring the seed and/or key increases the potential for hacking and compromises the overall security of the encryption system.
The above security disadvantages are germane to many common encryption methods, including symmetric encryption and asymmetric encryption, and authentication systems, such as a one-time password authentication system. Specifically, supply of a password in a HOTP algorithm is particularly subject to security risks.
As is known, the HOTP algorithm is an HMAC-based one-time password authentication system. OTP algorithms provide a single-use (i.e., one-time) password based on a known time, a known last password entered, and a key (or a seed for generating a key) stored by or at an authentication server. A client, which could be a storage device or software on the user side, and the authentication server run the HOTP algorithm in parallel. The authentication server running the HOTP algorithm typically uses an input key, a timer (or counter), and a known previous password to determine the next password in the algorithm's sequence. At the time of the user requesting access to the storage device or software, the storage device or software on the user side will output a password. The outputted password at the user side is compared to the password, at the authentication side, determined by the HOTP algorithm to be the next password in the sequence. The comparison is performed by the authentication server. If the passwords match, the user is granted access to the storage device. The outputted password at the user side is different each time and only viable for a short time, thus making it a one-time password.
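The HOTP exchange outlined in the HOTP bullets earlier on this page and in the background paragraph above, as an added example that is not part of the patent: a client-side generator fed the key, and an authentication server that tracks the last accepted counter (Password N) and verifies the next password (Password N+1) within a small look-ahead window. It follows the counter-based construction of RFC 4226 (HMAC-SHA1 over an 8-byte counter with dynamic truncation); the shared key used in the check is the RFC's published test key, and the look-ahead window size is an assumption of this example.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = ((mac[offset] & 0x7F) << 24 | mac[offset + 1] << 16
            | mac[offset + 2] << 8 | mac[offset + 3])
    return str(code % (10 ** digits)).zfill(digits)


class AuthenticationServer:
    """Holds the shared key and the next expected counter (the one after Password N).

    Verification accepts the next counter value, or one within a small look-ahead
    window to tolerate a client that advanced without a successful login; the
    counter is then moved past the accepted value so the same password cannot
    be replayed.
    """

    def __init__(self, key: bytes, look_ahead: int = 5):
        self.key = key
        self.counter = 0            # next expected counter value
        self.look_ahead = look_ahead

    def verify(self, password: str) -> bool:
        for step in range(self.look_ahead + 1):
            candidate = self.counter + step
            if hmac.compare_digest(hotp(self.key, candidate), password):
                self.counter = candidate + 1   # never accept this counter again
                return True
        return False


class Client:
    """User side: fed the key generated from the live biometric, outputs the next password."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def next_password(self) -> str:
        pw = hotp(self.key, self.counter)
        self.counter += 1
        return pw
```

With the RFC 4226 test key, the first three passwords are 755224, 287082 and 359152; the server accepts the first, rejects its replay, and still accepts the third if the second was generated but never submitted, because it lies inside the look-ahead window.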
Accordingly, there is a need for an encryption system that does not store or otherwise provide access to all of the information necessary for obtaining access to a storage device. More particularly, there is a need for an encryption system that requires a live biometric identifier be provided at the time of access to the device for purposes of generating the seed and/or key—as opposed to merely authenticating an identity of the user.
SUMMARY OF THE INVENTION
Embodiments of the present invention solve the above-mentioned problems and provide a distinct advance in the art of seed and key generation systems. More particularly, embodiments of the invention provide a system, a computer program, and methods for seed and key generation from a non-deterministic live biometric identifier. The system of the present invention performs the methods implemented via the computer program. The system broadly comprises a storage device for interfacing with a computer; and a computer-readable storage medium integrated in or accessible by the storage device, the computer-readable medium having a plurality of modules comprising a plurality of code segments stored thereon, including an initialization module comprising an enrollment module for enrolling a biometric template and a seed generation module for initially generating a seed, a live capture module for capturing a live biometric template upon a user desiring to access the storage device, a seed regeneration module for regenerating the seed upon the user desiring to access the storage device, and a key generation module for generating a key from the seed.
During an initialization stage for the storage device, the enrollment module first receives information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device. The biometric template is then an enrolled biometric template that is used for comparison to any future, live capture biometric templates. The present invention assigns an optimization value to the enrolled biometric template. This optimization value is indicative of at least one representative feature of the enrolled biometric template.
After creating the enrolled biometric template and obtaining an optimization value for the template (or, more specifically, for biometric indicia associated with the biometric template), the seed is initially generated as part of the initialization stage. An item of test data is encrypted using the optimization value associated with the enrolled biometric template. Using the optimization value as an encryption value thus makes the optimization value the seed or otherwise directly associates the optimization value with the seed. The seed (i.e., the optimization value) is then destroyed, leaving only the encrypted item of test data, the unencrypted item of test data, and the enrolled biometric template stored on the storage device or otherwise made accessible by the device. The initialization stage is then complete, and the user may access the storage device at a future time by providing a live biometric template.
When the user desires to access the storage device subsequent to the initialization stage, the live biometric template is required for generating the seed previously destroyed during the initialization stage. In particular, the seed is regenerated by first comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user. The interval has a plurality of values, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template.
The present invention then iteratively tests the values within the interval by using each value to decrypt the stored, encrypted item of test data. If the encrypted item of test data can be decrypted with the tested value, then the tested value is the seed associated with the optimization value and used to encrypt the item of test data, such that the seed is regenerated.
If the seed is used to generate a key, which is then used to access the storage device, embodiments of the present invention generate the key using reflective code. In particular, the present invention employs a first code segment that at runtime observes and modifies a structure and a behavior of itself to generate a second code segment. The second code segment then uses the seed to generate the key. The key is operable to encrypt or decrypt one or more files stored on the storage device or to provide access to the storage device.
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Other aspects and advantages of the present invention will be apparent from the following detailed description of the embodiments and the accompanying drawing figures.
BRIEF DESCRIPTION OF THE DRAWING FIGURES
Embodiments of the present invention are described in detail below with reference to the attached drawing figures, wherein:
FIG. 1 is a schematic block diagram of a seed and key generation system constructed in accordance with various embodiments of the current invention;
FIG. 2 is a block diagram of various modules comprising a plurality of code segments stored on a computer-readable medium of the present invention;
FIG. 3 is a block diagram of at least some steps of a method for seed and key generation; and
FIG. 4 is a flow chart of at least some steps of a method for seed and key generation.
The drawing figures do not limit the present invention to the specific embodiments disclosed and described herein. The drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the invention.
DETAILED DESCRIPTION OF THE EMBODIMENTS
The following detailed description of the invention references the accompanying drawings that illustrate specific embodiments in which the invention can be practiced. The embodiments are intended to describe aspects of the invention in sufficient detail to enable those skilled in the art to practice the invention. Other embodiments can be utilized and changes can be made without departing from the scope of the present invention. The following detailed description is, therefore, not to be taken in a limiting sense. The scope of the present invention is defined only by the appended claims, along with the full scope of equivalents to which such claims are entitled.
In this description, references to “one embodiment,” “an embodiment,” or “embodiments” mean that the feature or features being referred to are included in at least one embodiment of the technology. Separate references to “one embodiment,” “an embodiment,” or “embodiments” in this description do not necessarily refer to the same embodiment and are also not mutually exclusive unless so stated and/or except as will be readily apparent to those skilled in the art from the description. For example, a feature, structure, act, etc. described in one embodiment may also be included in other embodiments, but is not necessarily included. Thus, the present technology can include a variety of combinations and/or integrations of the embodiments described herein.
A dynamic seed and key generation system 10 constructed in accordance with various embodiments of the present invention is shown in FIG. 1. The system 10 employs a storage device 12, such as a flash drive or mobile wireless device, for interfacing with a computing device 14 (also referred to herein as a “computer”). The storage device 12 includes an integrated computer-readable storage medium 16 or is otherwise operable to access a computer-readable storage medium 16. The storage medium 16 has a plurality of modules comprising a plurality of code segments stored on the computer-readable medium for implementing a computer program and a method of embodiments of the present invention. For ease of reference, the various components or steps of the computer program and method are referred to herein as modules. It should be appreciated, however, that particular sub-components or sub-steps within a module could be performed by a different module, or two or more modules could be combined into a single module. The categorization of the various components and steps is for ease of reference only.
Some or all of the seed and key generation modules described herein can be used for various access protocols and encryption/decryption protocols. For example, the seed and key generation system 10 can be used for allowing a user access to a secure repository stored on the storage device 12. The secure repository may be a database, a hard drive, a file, a folder, or any digital location to which access is limited based on the identity of the user. Alternatively, the system 10 can be used for encrypting/decrypting files or folders stored on the storage device 12. The system 10 can be used with both symmetric and asymmetric encryption methods and with various authentication systems, including a one-time password (OTP) algorithm, such as a HOTP algorithm.
Referring to FIGS. 1 and 2, the seed and key generation system 10 broadly comprises the storage device 12; an initialization module 100 for initializing the storage device 12 for accessibility to the secure repository or for encryption/decryption purposes in the future, the initialization module 100 including an enrollment sub-module 102 for enrolling a biometric template, for determining an optimization parameter associated with the enrolled biometric template, and for storing the enrolled biometric template on, or otherwise making accessible to, the storage device, and a seed generation sub-module 104 for generating a seed using the optimization parameter associated with the enrolled biometric template, encrypting an item of test data with the seed, and subsequently destroying the seed; a live capture module 110 for capturing a live biometric template for use in regenerating the seed; a seed regeneration module 120 for regenerating the destroyed seed based on statistical matching of the enrolled and live biometric templates; and a key generation module 130 for generating a key from the regenerated seed.
The dynamic seed and key generation system 10 may be implemented in hardware, software, firmware, or a combination thereof. In various embodiments, the components of the seed and key generation system 10 may be implemented as software programs or processor-executable code segments that may be stored on the computer-readable storage medium 16. In the context of this application, a “computer-readable medium” or a “computer-readable storage medium” can be any device that can contain or store the computer program for use by or in connection with the instruction execution system, apparatus, or device. The computer-readable medium can be, for example, but not limited to, an electronic, magnetic, optical, electro-magnetic, biochemical, or semi-conductor system, apparatus, or device. More specific, although not inclusive, examples of the computer-readable medium include the following: a portable computer diskette, a hard drive, a random access memory (RAM), a read-only memory (ROM), an erasable, programmable, read-only memory (EPROM or Flash memory), a portable compact disk read-only memory (CDROM), a digital video disc (DVD), a Blu-Ray™ disc, and the like. In certain embodiments of the present invention, the computer-readable medium 16 is integrated with, or accessible by, the storage device 12, which may be portable, such as a flash drive or thumb drive, and that is interfaced with the computing device 14. In other embodiments, the computer-readable medium 16 may be integrated with or accessible by the computing device 14.
An exemplary computing device 14 generally comprises any device that is capable of running an operating system and executing software applications, such as a workstation, a desktop computer, a laptop computer, a notebook computer, a palmtop computer, a tablet computer, such as an IPAD®, a mobile wireless communications device, a point of sale terminal, a credit card scanner, and the like. The computing device includes data processing circuitry coupled with memory components to execute computer code or software, such as processors, microprocessors, multi-core microprocessors, microcontrollers, combinations thereof, and the like.
The various modules and sub-modules described herein represent steps implemented by the method. The steps of the method are preferably implemented via the computer program or software comprising a plurality of code segments stored on the computer-readable medium 16 and executable by the computing device 14. For ease of reference herein, reference to the modules should be understood to encompass both the method and the computer program of the present invention.
Referring now to FIGS. 1-3, the system, computer program, and method of the present invention will be described in detail, with initial reference to the initialization module 100 for setting up the storage device 12. The initialization of the storage device includes enrolling an enrolled biometric template via the enrollment module and creating or generating a seed via the seed generation module. Initialization is required so that the storage device is associated with a specific user, such that only the specific user can access a secure repository on the storage device, encrypt/decrypt files or folders saved on the storage device, or obtain a password via an OTP algorithm, such as a HOTP algorithm. In most circumstances, the initialization of the storage device will only be required once. However, should the user wish to erase the storage device, enroll a different biometric identifier, or enroll a different or additional user, the initialization will need to be performed again.
As noted above, the initialization module 100 comprises an enrollment sub-module 102 (or simply, an enrollment module) and a seed generation sub-module 104 (or simply, a seed generation module). The enrollment module 102 is operable to enroll a biometric template, determine the optimization parameter associated with the enrolled biometric template, and store the enrolled biometric template on, or otherwise make it accessible by, the storage device. The seed and key generation system employs biometric indicia to generate the seed/key, allow access to files or information, encrypt/decrypt files or information, or provide one-time passwords when used with an OTP algorithm (collectively or individually broadly referred to herein as “allowing access to the storage device”). The enrolled biometric template is permanently stored on or otherwise made accessible to the storage device, as illustrated in FIGS. 1 and 3. In contrast, the live biometric template, which is discussed below, is provided for seed and key generation at the time the user wishes to access the storage device; the live biometric template is not permanently stored on the storage device and is deleted once access is granted.
It is to be appreciated that some or all of the modules, the enrolled biometric template, and other information discussed herein as stored on the storage device or otherwise made accessible by the storage device may be stored at a third-party storage device 18, such as an authentication server 18, the computing device 14, or the like. Moreover, the storage device 12 may communicate with the computing device 14 and/or the third-party storage device 18 via known communication networks 20 and techniques, including device-to-device networking, cloud networking, an Ethernet network, an 802.11 wireless network, a Bluetooth network, a computer bus, or any other device, apparatus, system, or combination thereof capable of enabling communication, individually or collectively, among the storage device, the computing device, and the third-party storage device.
Referring to FIG. 1, the biometric indicia for a particular biometric identifier, such as a fingerprint of a finger, is obtained through a biometric sensor 22, which may be coupled with, integrated in, or accessible by the storage device 12 and/or the computing device 14. For example, the storage device could be a mobile wireless communications device, and the biometric sensor could be integrated with the communications device. Alternatively, the storage device could be a flash or thumb drive including an integrated biometric sensor. An even further alternative could be a biometric sensor coupled to the storage device and/or computing device. The biometric sensor could be a fingerprint scanner or other suitable biometric sensor for receiving the biometric identifier, identifying and capturing unique biometric indicia associated with the biometric identifier, and creating the biometric template. It should be understood that the biometric sensor could be any device to extract biometric indicia sufficient for creating a biometric template or that otherwise creates unique indicia. For example, a lightwave spectrum sensor captures biometric characteristics not visible to the human eye.
It is to be understood that the present invention is for use with all types of biometric indicia, including fingerprints, palm prints, the orientation and arrangement of features on a face, iris scans, and DNA. However, for ease of reference herein, the biometric indicia will be described with respect to a fingerprint.
To enroll a biometric identifier specific to the user, a user of the invention initially provides at least one and often several samples of the same biometric identifier (i.e., the same finger for obtaining a fingerprint scan), as referenced at Step 200 of FIG. 4. Biometric indicia specific to the biometric identifier is then extracted via known biometric techniques, as referenced at Step 202. For certain types of biometric identifiers, such as fingerprints, there is a statistically extremely low probability of extracting the same collective biometric indicia for the biometric identifier each time a scan or sample of the identifier is taken. The biometric indicia associated with the biometric identifier is therefore non-deterministic, in that the collective biometric indicia cannot be accurately identified each time the biometric identifier is scanned or sampled.
It is common to employ a mathematical algorithm to identify representative features of the biometric indicia specific to the biometric identifier. An exemplary, although non-limiting, algorithm for fingerprints is a vector-based matching algorithm. The goal of any algorithm for digitally representing a biometric identifier as a biometric template is to identify the representative features that will most likely be extracted from any future scan or sample taken of the particular biometric identifier. Thus, in the case of fingerprints, a representative feature may be a pattern of ridges or valleys in the fingerprint that will likely be identified in any future fingerprint scans. For purposes of the enrollment module of the present invention, one or more scans or samples of the biometric identifier may be taken for obtaining the one or more representative features.
From these representative features, the present invention identifies an optimization value specific to the enrolled biometric indicia, as referenced at Step 204. The optimization value is a value, parameter, or other feature that is statistically highly likely to be the same as or close to a value, parameter, or other feature identified in any future live scan or sample of the biometric identifier. Thus, the optimization value is unique to the particular biometric identifier. Notably, however, the optimization value is not necessarily the value that is most representative of the biometric identifier. Instead, the optimization value can be a value that is statistically close to a representative value of the biometric identifier.
The optimization value may be determined through various known optimization techniques, including, but not limited to, averaging the biometric indicia of each sample or scan of the biometric identifier and creating a correlation and a projection and determining expected asymptotes.
After determining the optimization value, the seed is initially generated. The seed can itself be a key to allow access to the storage device 12, or the seed can be used to create, derive, or generate a key that in turn allows access to the storage device. In the present invention, the seed is used for both purposes. In particular, as part of the seed generation module 104, the seed is first used to encrypt an item of test data, as referenced at Step 206. The item of test data is preferably a relatively small piece of data, such as less than approximately 1 MB, that serves as a standard or measure by which to determine whether a seed regenerated in the future is the same as the seed initially created by the seed generation module 104. The unencrypted item of test data (i.e., the item of test data in its initial form before encryption with the seed) and the encrypted item of test data are stored on or otherwise made accessible by the storage device, as referenced at Step 208. The seed is then destroyed, as referenced at Step 210.
In embodiments of the present invention, the seed is the optimization value associated with the enrolled biometric indicia or is otherwise information indicative of the optimization value. Thus, the seed is directly associated with the enrolled biometric indicia, and, in particular, the biometric identifier specific to the user. Encryption of the item of test data is performed using, at least in part, the optimization value or information associated with or indicative of the optimization value.
Commensurate with or immediately subsequent to creating the seed, the enrolled biometric template is created, as referenced at Step 212. To obtain or create the enrolled biometric template, the enrolled biometric indicia is hashed or otherwise transformed with the aid of a one-way function or via other known techniques. The enrolled biometric template is the digital representation of the biometric identifier (a present size of a common biometric template is approximately 1 MB). Because the biometric indicia is hashed, the optimization value cannot be determined from the enrolled biometric template alone: a one-way function such as a cryptographic hash is chosen precisely so that its input cannot be recovered from its output. Note that injectivity by itself does not give this property; an injective function is invertible in principle, so what the transformation requires is preimage resistance, not merely that distinct inputs map to distinct outputs. Although the optimization value is determined or assigned prior to creation of the enrolled biometric template (i.e., prior to hashing the biometric indicia to obtain the biometric template), reference herein to the optimization value being associated with the enrolled biometric template shall be understood to encompass the optimization value being associated with biometric indicia for the enrolled biometric identifier.
Upon determining an optimization value for the enrolled biometric template and creating the enrolled biometric template, the present invention stores the enrolled biometric template on the storage device or in a location accessible by the storage device, as referenced at Step 214. In embodiments of the present invention, the enrolled biometric template may be further encrypted or hashed prior to storage.
Upon completion of the enrollment and seed generation modules, three items of information relevant to future seed regeneration and key generation remain stored on the storage device or otherwise accessible to it, namely the enrolled biometric template, the unencrypted item of test data, and the encrypted item of test data. In this state, not all of the information necessary for obtaining access to the storage device is stored on the device or accessible to it. By contrast, in prior art applications where the encrypted key is stored on the device, all of the information necessary for obtaining access is present on the device. In theory, the user cannot access the storage device without providing a live biometric scan that authenticates the user and allows decryption of the key; in practice, because the encrypted key is still on the device, an attacker holding the device can work on it offline. The same issue remains if a seed for generating the key, rather than the key itself, is stored on the device (in encrypted or unencrypted form). In contrast, in the present invention at least one item of information necessary for obtaining access, namely the optimization value that serves as the encryption seed, is not stored on the device or otherwise accessible to it, so an attacker holding the device alone lacks one of the inputs required to derive the key. A practitioner should be clear about what this does and does not provide: the unencrypted and encrypted items of test data together form a known plaintext/ciphertext pair, so an attacker who holds the device can test candidate seeds offline in exactly the way the seed regeneration module does. The strength of the arrangement therefore rests on the optimization value being drawn from a space too large to search exhaustively and on the test-data encryption being a sound cipher, not on the absence of the seed from the device by itself.
A result of not storing on the storage device all information necessary for obtaining access to the device is that access cannot be derived from the contents of the device alone: either a live biometric identifier is provided at the time of granting access, or the space of possible seeds must be searched, which is infeasible only if that space is large. To accomplish this level of security, embodiments of the present invention receive a live biometric template via the live capture module 110 and perform a seed regeneration via the seed regeneration module 120.
Referring to FIG. 2 and Step 216 of FIG. 4, the live capture module 110 is performed subsequent to the initialization module 100 and prior to each time the user desires to access the storage device 12. When desiring to access the storage device, the user will provide the biometric identifier used for the enrollment module 102 described above. A scan or sample of the biometric identifier will be taken via the biometric sensor 22, the biometric indicia associated with the biometric identifier will be identified, and a biometric template will be created, similar to the enrollment method described above for the enrolled biometric template. The biometric template created each time the user provides the biometric identifier for access to the storage device (but subsequent to the initialization of the storage device) is herein referred to as a live biometric template. The live capture module 110 will then receive information indicative of the live biometric template. As detailed below, the live biometric template is then used to regenerate the seed.
In alternative embodiments of the present invention, the live capture module 110, including the user providing a live scan or sample, may only need to be performed upon interfacing the storage device with a particular computing device, upon a period of time expiring, upon opening or selecting the secure repository, upon request or initiation of a particular event, or at any other time or upon any other action specified by the user during the initialization of the storage device.
After creation of the live biometric template, the seed regeneration module 120 is performed. Referring to FIG. 2 and Step 218 of FIG. 4, the enrolled biometric template is compared with the live biometric template to determine a likelihood that the templates are indicative of the same biometric identifier (i.e., specific to the same user). The seed regeneration module 120 performs a matching algorithm by comparing the biometric indicia for each of the templates and determining a matching value or score that represents the probability that the templates “match” (i.e., the templates are specific to the same user). As discussed above, it is statistically very unlikely that the matching score will be a 100% probability for non-deterministic biometric identifiers, as the biometric indicia for the live biometric template will most likely be different than the indicia for the enrolled biometric template. However, in most circumstances where a suitable live biometric scan or sample of the live biometric identifier is obtained, the matching score will be sufficiently indicative of the biometric indicia of the enrolled biometric template for purposes of the present invention.
After the matching score is obtained, embodiments of the present invention determine a statistical interval whose range is based on the matching score, namely the probability that the enrolled and live biometric templates are specific to the same user. A plurality of values lie within the interval. The size of the range of the interval, from its lowest value to its highest value, depends on the matching score. The higher the matching score (i.e., the more likely the enrolled and live biometric templates belong to the same user), the smaller the range of the interval; the lower the matching score, the larger the range. Thus, the size of the range of the interval is inversely related to the magnitude of the matching score.
The values that lie within the interval are indicative of the representative features of the live biometric indicia specific to the live biometric identifier. As discussed above with respect to the enrolled biometric template, the algorithm for creating the live biometric template identifies prominent characteristics or representative features associated with the live biometric identifier. These prominent characteristics are then represented by the live biometric indicia as values. At least one of these values will lie within the range of the interval in the event the enrolled and live biometric identifiers are the same.
If the enrolled and live biometric templates belong to the same biometric identifier, then the interval determined by the seed regeneration module will encompass the optimization value for the enrolled biometric template, even though the optimization value for the enrolled template is no longer known. This is because the optimization value for the enrolled template is indicative of a prominent characteristic or representative feature of the biometric identifier provided during the enrollment process, and the values that lie within the interval are indicative of one or more prominent characteristics or representative features of the biometric identifier provided for access to the storage device subsequent to the enrollment process. Although the likelihood of assigning exactly the same value to the same prominent characteristic for both templates is very low, the likelihood of the biometric template algorithm identifying one or more values close to the optimization value, and within a range suitable for performing the seed regeneration of the present invention, is high. Thus, the seed regeneration module of the present invention is designed so that, if the enrolled and live biometric templates belong to the same biometric identifier and a suitable scan or sample of the live biometric identifier was obtained, the optimization value associated with the enrolled biometric template lies within the range of the determined interval. Further, because the optimization value is the same as or associated with the destroyed seed, the seed regeneration module determines a statistical interval having a plurality of values, one of which is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template.
For purposes of reducing the processing requirements and time for seed regeneration, embodiments of the present invention apply a filter to the interval to reduce any noise in the interval, as referenced at Step 220 of FIG. 4. After application of the filter to the interval, the filtered interval has fewer values remaining than prior to application of the filter. The filter of embodiments of the present invention discards values known not to be the optimization value based on filtering techniques known in the art, such that subsequent to application of the filter, the value indicative of or the same as the destroyed encryption seed remains in the filtered interval. An exemplary filter is a checksum filter. Any parameter the filter relies on and that is stored on the device should depend only on the encoding convention for optimization values (for example, an alignment or check digit required of every value), not on the particular destroyed seed, since a seed-specific checksum stored on the device would itself disclose information about the seed.
Subsequent to applying the filter to the interval, embodiments of the present invention regenerate or otherwise uncover the seed via an iterative testing process. In more detail and as referenced at Step 222, the seed regeneration module individually tests, according to a scheduled sequence, the values within the interval to determine whether one of them is the seed. To test a value, the value is used to decrypt the item of test data previously encrypted with the seed associated with the optimization value for the enrolled biometric template. If decryption is successful, then the seed regeneration module 120 knows that the tested value is the seed destroyed during the enrollment process, and the tested value becomes the regenerated seed. If decryption is unsuccessful, the seed regeneration module tests the next value in the scheduled sequence to determine whether it decrypts the encrypted item of test data. In embodiments of the present invention, the decrypted item of test data is compared against the stored item of test data (i.e., the item of test data that was not encrypted and was originally stored during the enrollment process), preferably using a constant-time comparison, to confirm that the two items of test data are indeed the same item of data.
The iterative testing of the values within the range is preferably performed according to the scheduled sequence. The scheduled sequence may be in any preferred order, including forward sequential, reverse sequential, or based on an order dependent on a statistical likelihood that a particular value, or range of values, in the interval is the seed. Moreover, it should be appreciated that during the iterative testing step, should the decryption of the encrypted item of test data be successful, the iterative testing is ceased, such that no further value within the interval is tested.
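The enrollment and seed regeneration procedure described above (Steps 204 through 222), carried through as an added worked example. This code is not from the patent or its assignee. Its assumptions are illustrative: a biometric sample is reduced to a tuple of coarse integer features that are used only for matching, plus one fine scalar measurement from which the optimization value is derived; the optimization value is snapped to a multiple of QUANTUM so that a filter can discard off-grid candidates without storing anything seed-specific; the interval half-width shrinks linearly with the matching score; and the test data is encrypted with an HMAC-SHA256 keystream standing in for a real cipher such as AES-GCM. The sample data is constructed, not measured.

```python
"""Enrollment (seed generation) and seed regeneration by iterative testing."""
import hashlib
import hmac
import statistics
from dataclasses import dataclass

QUANTUM = 4            # assumed alignment of every optimization value
MAX_HALF_WIDTH = 64    # assumed interval half-width when the matching score is 0


@dataclass(frozen=True)
class Sample:
    coarse: tuple   # e.g. (minutiae count, ridge-density class, core x, core y)
    fine: float     # e.g. mean ridge spacing; the feature the seed is taken from


@dataclass
class StorageDevice:
    """What remains on the device after enrollment. The seed is absent."""
    enrolled_template: tuple
    test_data: bytes
    encrypted_test_data: bytes


def make_template(samples):
    """Coarse features averaged over the samples; used only for matching."""
    width = len(samples[0].coarse)
    return tuple(round(statistics.fmean(s.coarse[i] for s in samples)) for i in range(width))


def optimization_value(samples):
    """Average the fine feature and snap it to the QUANTUM grid."""
    return QUANTUM * round(statistics.fmean(s.fine for s in samples) / QUANTUM)


def _keystream(seed, length):
    key = seed.to_bytes(8, "big", signed=True)
    out, block = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor_crypt(seed, data):
    """Symmetric stream cipher: the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, _keystream(seed, len(data))))


def enroll(samples, test_data):
    seed = optimization_value(samples)
    device = StorageDevice(make_template(samples), test_data, xor_crypt(seed, test_data))
    del seed   # Step 210: the seed is destroyed, never written to the device
    return device


def matching_score(template, live_samples):
    """1.0 for identical coarse features, falling toward 0 with L1 distance."""
    distance = sum(abs(a - b) for a, b in zip(template, make_template(live_samples)))
    return 1.0 / (1.0 + distance)


def candidate_interval(center, score):
    """Higher score -> narrower interval around the live fine value."""
    half = round((1.0 - score) * MAX_HALF_WIDTH) + QUANTUM
    return range(center - half, center + half + 1)


def checksum_filter(values):
    """Discard values that cannot be the seed because they are off the grid."""
    return [v for v in values if v % QUANTUM == 0]


def regenerate_seed(device, live_samples):
    """Test candidates nearest the live value first; stop at the first hit.
    Returns (seed or None, number of candidates that survived the filter)."""
    score = matching_score(device.enrolled_template, live_samples)
    center = round(statistics.fmean(s.fine for s in live_samples))
    candidates = checksum_filter(candidate_interval(center, score))
    for value in sorted(candidates, key=lambda v: abs(v - center)):
        trial = xor_crypt(value, device.encrypted_test_data)
        if hmac.compare_digest(trial, device.test_data):   # constant-time compare
            return value, len(candidates)
    return None, len(candidates)


# Constructed sample data, not real biometric measurements.
ENROLLED = [Sample((40, 3, 150, 200), 118.0),
            Sample((42, 3, 148, 202), 121.0),
            Sample((41, 3, 151, 199), 120.0)]
GENUINE_LIVE = [Sample((41, 3, 149, 201), 121.5),
                Sample((40, 3, 150, 200), 119.0)]
IMPOSTOR_LIVE = [Sample((60, 5, 100, 120), 300.0)]


def demo():
    device = enroll(ENROLLED, b"seed check block")
    return regenerate_seed(device, GENUINE_LIVE), regenerate_seed(device, IMPOSTOR_LIVE)


if __name__ == "__main__":
    print(demo())   # ((120, 19), (None, 35))
```

The second element returned by regenerate_seed is the number of candidates the module would have to try in the worst case; it is also the work factor an attacker with the device faces, since the plaintext and encrypted test data give the same oracle to anyone who holds them. The impostor's interval is wider (low score) but centred far from the enrolled value, so the destroyed seed is not in it and regeneration fails.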
Upon regenerating the seed, the regenerated seed could be used as a key to allow access to the storage device. However, embodiments of the present invention provide the key generation module 130 for generating the key using the seed, as referenced at Step 224, which provides an additional layer of security in obtaining access to the storage device. Although the key may be generated via known techniques and methods, embodiments of the present invention preferably employ reflective code to generate the key.
Reflective code is a system or method of coding wherein a code segment observes and modifies its own structure and behavior at runtime and, based on that structure and behavior, generates a second code segment. In more detail, reflective code is computer source code that can access metadata about the environment, classes, methods, and data at runtime. In addition, reflective code can dynamically instantiate objects that are otherwise unknown at coding or compile time, execute functions or methods, and destroy objects. For example, code written in Java may use the classes and methods of the java.lang.reflect package, and Ruby code may use methods of the Object class such as const_get() and send(). Reflective key generation algorithms may therefore select among several algorithms based on characteristics of the seed; for example, a different algorithm may be selected at runtime based on a modulo of the seed, the sum of the digits of the seed, or various other characteristics of the seed. Other key generation algorithms may utilize fuzzy logic, Kohonen maps, neural networks, heuristic functions, or other techniques to generate the key.
Embodiments of the present invention employ a first code segment that is reflective code and thus observes and modifies its own structure and behavior at runtime. The results of these observations and modifications are emitted as data or instructions that constitute a second code segment. The second code segment then uses the regenerated seed to generate the key for allowing access to the storage device.
Reflective code does not require obfuscation of the key generation algorithm because the particular algorithm is not selected or assembled until runtime. Because the seed is needed to determine the key generation algorithm, and because neither the seed nor the second code segment is ever stored on the storage device, the only code stored on or otherwise made accessible by the storage device is the first code segment, which produces the second code segment at runtime from its own structure and behavior. Moreover, in embodiments of the present invention, the key cannot be generated without the second code segment first receiving the seed. It should be understood that this arrangement is a key derivation step rather than a secrecy mechanism: the first code segment resides on the device and its selection logic is a deterministic function of the seed, so anyone holding the device and a candidate seed can reproduce the corresponding key. The security of the key therefore rests on the seed, not on the key generation algorithm being unknown.
Alternative embodiments of the present invention may include multiple layers of reflective code segments that iteratively generate an additional or next code segment in the runtime sequence. For example, the first code segment could generate the second code segment, which in turn could generate a third code segment that is used to generate the key, or the third code segment could generate a fourth code segment that is used to generate the key. Thus, it is to be appreciated that use of reflective code for generating the key embodies at least one code segment being a reflective code segment.
Once the key is generated, it is used to allow access to the storage device. Neither the seed nor the key need be saved on, or otherwise made accessible by, the storage device to obtain access. Instead, the user need only provide a live biometric identifier to begin the seed regeneration and key generation processes.
Embodiments of the present invention are well-suited for various authentication methods, including an HOTP authentication system. When using the HOTP authentication system, the key may be regenerated and provided to an HOTP access module 140, as illustrated in FIG. 3. In particular, the key is fed to the HOTP algorithm to produce the one-time password that the user enters. As is known with HOTP algorithms, the user must enter a one-time password to gain access to the storage device. The same key is also held at an authentication server, together with a moving counter. Based on the counter value of the last password accepted (PasswordN), the authentication server computes the one-time password (PasswordN+1) that should be entered by the user next. HOTP is counter-based (RFC 4226), so the server's expectation depends on the counter and not on the time elapsed since the last password; a time-based variant, TOTP, derives the counter from the current time instead. On the user's side, the seed is regenerated from the live biometric template and the key is generated according to the above-described process. This key is then fed to the HOTP algorithm with the current counter to obtain the one-time password provided by the user, which the authentication server authenticates. Thus, the present invention provides the password for entry by the user without requiring storage of the seed and/or key on the storage device, although a copy of the key necessarily resides at the authentication server.
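The reflective key generation described above and its use with HOTP, as one added worked example that is not from the patent or its assignee. The three candidate derivation routines, the selection rule (residue of the seed plus its digit sum, modulo the number of routines) and the public per-device SALT are assumptions made for illustration; the HOTP function follows RFC 4226 (HMAC-SHA1 with dynamic truncation) and is checked against that RFC's published test vectors. Python's getattr is the reflective lookup: the routine that becomes the "second code segment" is bound only at runtime, once the seed is known.

```python
"""Reflective key generation from a regenerated seed, feeding RFC 4226 HOTP."""
import hashlib
import hmac
import struct

SALT = b"storage-device-12"   # assumed public, per-device constant
KEY_LEN = 20                  # HOTP keys in the RFC 4226 vectors are 20 bytes


class KeyDerivers:
    """The 'first code segment': every routine that might be chosen lives here.
    Which one runs is decided at runtime from the seed, via getattr."""

    @staticmethod
    def derive_sha256(seed_bytes, salt):
        return hashlib.pbkdf2_hmac("sha256", seed_bytes, salt, 10_000, KEY_LEN)

    @staticmethod
    def derive_sha512(seed_bytes, salt):
        return hashlib.pbkdf2_hmac("sha512", seed_bytes, salt, 10_000, KEY_LEN)

    @staticmethod
    def derive_blake2b(seed_bytes, salt):
        return hashlib.blake2b(seed_bytes, key=salt, digest_size=KEY_LEN).digest()


def digit_sum(n):
    return sum(int(d) for d in str(abs(n)))


def select_algorithm(seed):
    """Runtime choice driven by characteristics of the seed (modulo + digit sum).
    Assumed rule; note it is public, so it adds derivation, not secrecy."""
    names = ["derive_sha256", "derive_sha512", "derive_blake2b"]
    return names[(seed + digit_sum(seed)) % len(names)]


def generate_key(seed, salt=SALT):
    """Reflective lookup: the routine bound here is the 'second code segment'."""
    derive = getattr(KeyDerivers, select_algorithm(seed))
    return derive(seed.to_bytes(8, "big", signed=True), salt)


def hotp(key, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to a 31-bit integer, then reduction modulo 10**digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def one_time_password(seed, counter):
    """Seed -> key -> OTP; the key exists only for the duration of this call."""
    key = generate_key(seed)
    try:
        return hotp(key, counter)
    finally:
        del key   # the key is not retained on the device


if __name__ == "__main__":
    print(select_algorithm(120), one_time_password(120, 1))
```

The authentication server must hold the same 20-byte key and the same counter to verify what the user enters, which is why the key is stored server-side even though it never rests on the storage device. Because generate_key is a pure function of the seed and of code that is on the device, the work an attacker needs is exactly the seed search; the reflective dispatch does not enlarge it.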
Although the invention has been described with reference to the embodiments illustrated in the attached drawing figures, it is noted that equivalents may be employed and substitutions made herein without departing from the scope of the invention as recited in the claims.

Claims (20)

Having thus described various embodiments of the invention, what is claimed as new and desired to be protected by Letters Patent includes the following:
1. A system for seed and key generation comprising:
a storage device associated with a storage medium for interfacing with a computer; and
a non-transitory computer-readable medium integrated in or accessible by the storage device, the computer-readable medium having code stored thereon, wherein execution of the code by the computer performs the steps of:
receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device, such that the stored biometric template is an enrolled biometric template;
assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template;
encrypting an item of test data to obtain an encrypted item of test data, wherein the encrypting of the item of test data uses, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed;
storing the encrypted item of test data on, or in a location accessible by, the storage device;
storing the item of test data in an unencrypted form on, or in a location accessible by, the storage device;
destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device;
receiving information indicative of a live biometric template for use in regenerating the encryption seed;
comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user,
wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template;
iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data,
wherein said step of iteratively testing includes the steps of using at least one value within the interval to decrypt the previously stored and encrypted item of test data to obtain a decrypted item of test data, and comparing said decrypted item of test data against said previously stored item of test data in an unencrypted form to determine if the decrypted item of test data and the previously stored item of test data in an unencrypted form are substantially similar,
wherein upon testing a particular value within the interval and determining that the particular value is operable to successfully decrypt the encrypted item of test data based on the comparing, the encryption seed is regenerated and the iterative testing is ceased;
generating a key using the seed, wherein said key is operable to encrypt or decrypt one or more files stored on a secure repository associated with the storage device or to provide access to the secure repository; and
destroying the key after using the key to encrypt or decrypt one or more files stored on the secure repository or to provide access to the secure repository, such that the key is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device.
2. The system of claim 1, wherein generating the key further comprises:
observing and modifying a structure and a behavior of a first code segment at runtime to generate a second code segment,
wherein said first code segment is a reflective code segment, and
wherein the key is generated using the second code segment.
3. The system of claim 2, wherein encryption or decryption of the files on the storage device or access to the secure repository cannot be obtained without receipt of the live biometric template.
4. The system of claim 3, further including supplying the key to a HOTP authentication system for obtaining a one-time password.
5. The system of claim 2, wherein receiving information indicative of the enrolled biometric template further comprises:
receiving information indicative of at least one biometric identifier specific to a user and determining biometric indicia associated with the biometric identifier; and
assigning the optimization value to the biometric indicia prior to creation of the enrolled biometric template, such that the enrolled biometric template does not provide information from which the optimization value can be determined without receipt of the live biometric template.
6. The system of claim 1, wherein the probability that the enrolled biometric template and the live biometric template are specific to the same user is inversely proportional to a size of a range of the interval, such that the higher the probability, the smaller the range and the fewer values within the range.
7. The system of claim 1, further including applying a filter to the values within the interval so as to reduce noise within the interval, such that after application of the filter, the interval is a filtered interval,
wherein said filter is applied to the values subsequent to determining the interval but prior to iteratively testing the values within the interval, and
wherein subsequent to applying the filter, the value indicative of or the same as the destroyed encryption seed remains in the filtered interval.
8. A non-transitory computer-readable storage medium encoded with code segments for generating a seed and a key for accessing a storage device interfaced with a computer, the computer-readable medium including code segments for performing the steps comprising:
receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, the storage device, such that the stored biometric template is an enrolled biometric template;
assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template;
encrypting an item of test data to obtain an encrypted item of test data, wherein the encrypting of the item of test data uses, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed;
storing the encrypted item of test data on, or in a location accessible by, the storage device;
storing the item of test data in an unencrypted form on, or in a location accessible by, the storage device;
destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device;
receiving information indicative of a live biometric template for use in regenerating the encryption seed;
comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user,
wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template;
iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data,
wherein said step of iteratively testing includes the steps of using at least one value within the interval to decrypt the previously stored and encrypted item of test data to obtain a decrypted item of test data, and comparing said decrypted item of test data against said previously stored item of test data in an unencrypted form to determine if the decrypted item of test data and the previously stored item of test data in an unencrypted form are substantially similar,
wherein upon testing a particular value within the interval and determining that the particular value is operable to successfully decrypt the encrypted item of test data based on the comparing, the encryption seed is regenerated and the iterative testing is ceased;
generating a key using the seed, wherein said key is operable to encrypt or decrypt one or more files stored on a secure repository associated with the storage device or to provide access to the secure repository; and
destroying the key after using the key to encrypt or decrypt one or more files stored on the secure repository or to provide access to the secure repository, such that the key is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device.
9. The computer-readable medium of claim 8, wherein generating the key further comprises:
observing and modifying a structure and a behavior of a first code segment at runtime to generate a second code segment,
wherein said first code segment is a reflective code segment, and
wherein the key is generated using the second code segment.
10. The computer-readable medium of claim 9, wherein encryption or decryption of the files on the storage device or access to the secure repository cannot be obtained without receipt of the live biometric template.
11. The computer-readable medium of claim 9, wherein receiving information indicative of the enrolled biometric template further comprises:
receiving information indicative of at least one biometric identifier specific to a user and determining biometric indicia associated with the biometric identifier; and
assigning the optimization value to the biometric indicia prior to creation of the enrolled biometric template, such that the enrolled biometric template does not provide information from which the optimization value can be determined without receipt of the live biometric template.
12. The computer-readable medium of claim 8, wherein the probability that the enrolled biometric template and the live biometric template are specific to the same user is inversely proportional to a size of a range of the interval, such that the higher the probability, the smaller the range and the fewer values within the range.
13. The computer-readable medium of claim 8, further including applying a filter to the values within the interval so as to reduce noise within the interval, such that after application of the filter, the interval is a filtered interval,
wherein said filter is applied to the values subsequent to determining the interval but prior to iteratively testing the values within the interval, and
wherein subsequent to applying the filter, the value indicative of or the same as the destroyed encryption seed remains in the filtered interval.
14. A method for seed and key generation comprising:
receiving information indicative of at least one biometric template specific to a user for storing on, or otherwise making accessible by, a storage device, such that the stored biometric template is an enrolled biometric template;
assigning an optimization value to the enrolled biometric template that is indicative of a representative feature associated with the enrolled biometric template;
encrypting an item of test data to obtain an encrypted item of test data, wherein the encrypting of the item of test data uses, at least in part, the optimization value associated with the enrolled biometric template, such that the optimization value serves as an encryption seed;
storing the encrypted item of test data on, or in a location accessible by, the storage device;
storing the item of test data in an unencrypted form on, or in a location accessible by, the storage device;
destroying the encryption seed after encrypting the item of test data, such that the seed is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device;
receiving information indicative of a live biometric template for use in regenerating the encryption seed;
comparing the enrolled biometric template with the live biometric template and determining an interval having a range based on a probability that the enrolled and live templates are specific to the same user,
wherein the interval has a plurality of values therein, and one of the values is indicative of or is the same as the destroyed encryption seed associated with the optimization value for the enrolled biometric template;
iteratively testing the values within the interval to identify the value in the interval for decrypting the encrypted item of test data,
wherein said step of iteratively testing includes the steps of using at least one value within the interval to decrypt the previously stored and encrypted item of test data to obtain a decrypted item of test data, and comparing said decrypted item of test data against said previously stored item of test data in an unencrypted form to determine if the decrypted item of test data and the previously stored item of test data in an unencrypted form are substantially similar,
wherein upon testing a particular value within the interval and determining that the particular value is operable to successfully decrypt the encrypted item of test data based on the comparing, the encryption seed is regenerated and the iterative testing is ceased;
generating a key using the seed, wherein said key is operable to encrypt or decrypt one or more files stored on a secure repository associated with the storage device or to provide access to the secure repository; and
destroying the key after using the key to encrypt or decrypt one or more files stored on the secure repository or to provide access to the secure repository, such that the key is not stored on, or otherwise made accessible by, the storage device or transmitted to a third-party storage device.
15. The method of claim 14, wherein generating the key further comprises:
observing and modifying a structure and a behavior of a first code segment at runtime to generate a second code segment,
wherein said first code segment is a reflective code segment, and
wherein the key is generated using the second code segment.
16. The method of claim 14, wherein encryption or decryption of the files on the storage device or access to the secure repository cannot be obtained without receipt of the live biometric template.
17. The method of claim 14, further including supplying the key to a HOTP authentication system for obtaining a one-time password.
18. The method of claim 14, wherein receiving information indicative of the enrolled biometric template further comprises:
receiving information indicative of at least one biometric identifier specific to a user and determining biometric indicia associated with the biometric identifier; and
assigning the optimization value to the biometric indicia prior to creation of the enrolled biometric template, such that the enrolled biometric template does not provide information from which the optimization value can be determined without receipt of the live biometric template.
19. The method of claim 14, wherein the probability that the enrolled biometric template and the live biometric template are specific to the same user is inversely proportional to a size of a range of the interval, such that the higher the probability, the smaller the range and the fewer values within the range.
20. The method of claim 14, further including applying a filter to the values within the interval so as to reduce noise within the interval, such that after application of the filter, the interval is a filtered interval,
wherein said filter is applied to the values subsequent to determining the interval but prior to iteratively testing the values within the interval, and
wherein subsequent to applying the filter, the value indicative of or the same as the destroyed encryption seed remains in the filtered interval.
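The enrol-and-regenerate cycle of claims 1, 8 and 14, together with the HOTP use of claims 4 and 17, as an added Python example that is not the patent's or Ceelox's code: the device keeps a test item in clear beside the same item encrypted under the optimization value, destroys the seed, and later walks the interval derived from the live match until one candidate decrypts the test item, then derives, uses and discards the key. The feature encoding, weights, bucket-hash template, toy stream cipher and interval rule are all assumptions made here; the toy does not attempt the template-privacy property of claims 5, 11 and 18 beyond hashing the coarse buckets.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Constructed parameters: assumptions for this toy, not values from the patent.
BUCKET = 16                       # fine feature values are grouped into buckets of 16
WEIGHTS = [1, 3, 7, 13, 21, 31]   # per-feature weights for the optimization value
MAX_BUCKET_MISMATCHES = 2         # more mismatched buckets than this => not the same user
SALT = b"constructed-device-salt"
TEST_ITEM = b"constructed known test item, stored in clear"
ENROLLED_SAMPLE = [100, 250, 37, 512, 900, 64]   # constructed fine features at enrolment
LIVE_SAMPLE = [103, 247, 40, 515, 897, 60]       # same user with sensor noise; last bucket shifts
IMPOSTOR_SAMPLE = [500, 20, 700, 100, 300, 999]  # constructed sample from a different user

def optimization_value(fine_features):
    """Assumed 'representative feature': a weighted sum of the fine measurements.
    It is computed from a sample when needed and never written to the device."""
    return sum(w * f for w, f in zip(WEIGHTS, fine_features))

def make_template(fine_features, salt):
    """Stored template: one keyed hash per coarse bucket. It supports matching but
    does not itself hold the fine values the seed is computed from."""
    return [hmac.new(salt, bytes([i, f // BUCKET]), "sha256").digest()
            for i, f in enumerate(fine_features)]

def xor_crypt(secret, data):
    """Toy stream cipher (SHA-256 in counter mode); secret is the seed or the key."""
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hashlib.sha256(b"toy-stream" + secret + struct.pack(">I", ctr)).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

@dataclass
class Record:
    """Everything the storage device keeps: no seed and no key."""
    salt: bytes
    template: list
    test_item: bytes             # unencrypted copy of the test item
    encrypted_test_item: bytes   # the same item encrypted under the seed

def enroll(fine_features, test_item, salt=SALT):
    seed = optimization_value(fine_features)          # the optimization value is the seed
    rec = Record(salt, make_template(fine_features, salt), test_item,
                 xor_crypt(seed.to_bytes(8, "big"), test_item))
    del seed                                          # destroy the seed after use
    return rec

def match_interval(rec, live_features):
    """Compare templates and return the candidate interval, or None when rejected.
    Within a matching bucket the enrolled value is within BUCKET-1 of the live one;
    a mismatch is assumed to be an adjacent bucket and widens the radius, so a
    better match yields a narrower interval (claim 6)."""
    live_tpl = make_template(live_features, rec.salt)
    mismatches = {i for i, (a, b) in enumerate(zip(rec.template, live_tpl))
                  if not hmac.compare_digest(a, b)}
    if len(mismatches) > MAX_BUCKET_MISMATCHES:
        return None
    radius = sum(w * (2 * BUCKET - 1 if i in mismatches else BUCKET - 1)
                 for i, w in enumerate(WEIGHTS))
    centre = optimization_value(live_features)
    return range(max(0, centre - radius), centre + radius + 1)

def regenerate_seed(rec, interval):
    """Iterative test: the first candidate that decrypts the stored ciphertext back
    to the stored plaintext is taken as the regenerated seed."""
    for candidate in interval:
        decrypted = xor_crypt(candidate.to_bytes(8, "big"), rec.encrypted_test_item)
        if hmac.compare_digest(decrypted, rec.test_item):
            return candidate
    return None

def derive_key(seed):
    """Toy key derivation from the regenerated seed."""
    return hashlib.sha256(b"toy-key" + seed.to_bytes(8, "big")).digest()

def hotp(key, counter, digits=6):
    """RFC 4226 HOTP, for the claim that the key may feed a HOTP system."""
    mac = hmac.new(key, struct.pack(">Q", counter), "sha1").digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return "%0*d" % (digits, code % 10 ** digits)

def unlock(rec, live_features, encrypted_file):
    """Full claim sequence: compare, interval, iterative test, seed -> key, use the
    key once, destroy it. Returns (decrypted file, one-time password) or None."""
    interval = match_interval(rec, live_features)
    seed = regenerate_seed(rec, interval) if interval is not None else None
    if seed is None:
        return None
    key = derive_key(seed)
    del seed
    result = (xor_crypt(key, encrypted_file), hotp(key, 0))
    del key                                           # the key is never persisted
    return result
```

Because the plaintext test item sits beside its ciphertext, the same check can be run by whoever holds the device, so the design depends on the optimization value being unlocatable without the live template, which small integer features like these do not provide.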

Priority Applications (3)

Application Number Priority Date Filing Date Title
US13/028,715 US8745405B2 (en) 2010-02-17 2011-02-16 Dynamic seed and key generation from biometric indicia
US14/290,306 US9160532B2 (en) 2010-02-17 2014-05-29 Dynamic seed and key generation from biometric indicia
US14/880,686 US9755830B2 (en) 2010-02-17 2015-10-12 Dynamic seed and key generation from biometric indicia

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US30543510P 2010-02-17 2010-02-17
US13/028,715 US8745405B2 (en) 2010-02-17 2011-02-16 Dynamic seed and key generation from biometric indicia

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/290,306 Continuation US9160532B2 (en) 2010-02-17 2014-05-29 Dynamic seed and key generation from biometric indicia

Publications (2)

Publication Number Publication Date
US20110264919A1 US20110264919A1 (en) 2011-10-27
US8745405B2 true US8745405B2 (en) 2014-06-03

Family

ID=44816789

Family Applications (3)

Application Number Title Priority Date Filing Date
US13/028,715 Expired - Fee Related US8745405B2 (en) 2010-02-17 2011-02-16 Dynamic seed and key generation from biometric indicia
US14/290,306 Expired - Fee Related US9160532B2 (en) 2010-02-17 2014-05-29 Dynamic seed and key generation from biometric indicia
US14/880,686 Expired - Fee Related US9755830B2 (en) 2010-02-17 2015-10-12 Dynamic seed and key generation from biometric indicia

Country Status (1)

Country Link
US (3) US8745405B2 (en)

Also Published As

Publication number Publication date
US20110264919A1 (en) 2011-10-27
US9755830B2 (en) 2017-09-05
US20150263857A1 (en) 2015-09-17
US20160119138A1 (en) 2016-04-28
US9160532B2 (en) 2015-10-13

Legal Events

Date Code Title Description
AS Assignment

Owner name: CEELOX, INC., FLORIDA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PIZANO, ERIX;SASS, JOE;REEL/FRAME:025968/0007

Effective date: 20110315

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: CIP, LLC, KANSAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CEELOX, INC.;REEL/FRAME:033571/0060

Effective date: 20130423

AS Assignment

Owner name: CEELOX PATENTS, LLC, KANSAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CIP, LLC;REEL/FRAME:033584/0645

Effective date: 20130206

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551)

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20220603